From 787b8bcf25a2eb18915d7de2825f59e9bc389af1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89loi=20Rivard?=
Date: Wed, 19 Aug 2020 16:56:04 +0200
Subject: [PATCH] Better user objectClasses
---
 config.sample.toml | 1 +
 docker/bootstrap.ldif | 6 ++++++
 tests/conftest.py | 6 ++----
 web/forms.py | 2 +-
 web/models.py | 2 +-
 5 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/config.sample.toml b/config.sample.toml
index 702006c4..35f2fb2d 100644
--- a/config.sample.toml
+++ b/config.sample.toml
@@ -11,4 +11,5 @@ ROOT_DN = "dc=mydomain,dc=tld"
 BIND_DN = "cn=admin,dc=mydomain,dc=tld"
 BIND_PW = "admin"
+USER_FILTER = "(|(uid={login})(cn={login}))"
 ADMIN_FILTER = "cn=Jane Doe"
diff --git a/docker/bootstrap.ldif b/docker/bootstrap.ldif
index 3c5ad068..9237e0bf 100644
--- a/docker/bootstrap.ldif
+++ b/docker/bootstrap.ldif
@@ -16,12 +16,18 @@ ou: authorizations
 dn: cn=Jane Doe,ou=users,dc=mydomain,dc=tld
 objectclass: person
+objectclass: uidobject
+objectclass: simpleSecurityObject
 cn: Jane Doe
 sn: Doe
+uid: admin
 userpassword: {SSHA}7zQVLckaEc6cJEsS0ylVipvb2PAR/4tS
 dn: cn=John Doe,ou=users,dc=mydomain,dc=tld
 objectclass: person
+objectclass: uidobject
+objectclass: simpleSecurityObject
 cn: John Doe
 sn: Doe
+uid: user
 userpassword: {SSHA}Yr1ZxSljRsKyaTB30suY2iZ1KRTStF1X
diff --git a/tests/conftest.py b/tests/conftest.py
index c515832f..45c0e801 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -86,6 +86,7 @@ def app(slapd_server):
 "URI": slapd_server.ldap_uri,
 "BIND_DN": slapd_server.root_dn,
 "BIND_PW": slapd_server.root_pw,
+ "USER_FILTER": "(|(uid={login})(mail={login}))",
 },
 }
 )
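Review bot: The new `USER_FILTER` template in config.sample.toml splices the submitted login into an LDAP search filter, and nothing in this patch shows that value being escaped first. The code that expands `{login}` is outside this diff, so this is something to confirm rather than a finding: the login should pass through filter escaping (python-ldap's `ldap.filter.escape_filter_chars`) before it is formatted in, otherwise filter metacharacters in the login change what the search matches. Because the filter ORs `uid` with `cn`, it can also match more than one entry, so the lookup should refuse to authenticate unless exactly one entry comes back. Once confirmed, I would state both in the sample, e.g. `# {login} is escaped before substitution; the filter must match exactly one entry`.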
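Review bot: The test configuration in tests/conftest.py uses `(|(uid={login})(mail={login}))` while the sample config ships `(|(uid={login})(cn={login}))`, so the `cn` branch of the documented default is not what the suite exercises. None of the object classes the User model declares after this patch (`person`, `simpleSecurityObject`, `uidObject`) allows a `mail` attribute in the standard schema, so the `mail` branch presumably never matches an entry created through the model. Either align the fixture with the sample, `"USER_FILTER": "(|(uid={login})(cn={login}))",`, or add a comment saying why the test filter differs. The `app` fixture starts and ends outside this hunk.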
@@ -127,9 +128,6 @@ def client(app, slapd_connection):
 @pytest.fixture
 def user(app, slapd_connection):
- u = User(cn="John Doe", sn="Doe")
+ u = User(cn="John Doe", sn="Doe", uid="user", userpassword="{SSHA}fw9DYeF/gHTHuVMepsQzVYAkffGcU8Fz")
 u.save(slapd_connection)
- slapd_connection.passwd_s(
- u.dn.encode("utf-8"), None, "correct horse battery staple".encode("utf-8"),
- )
 return u
diff --git a/web/forms.py b/web/forms.py
index ec76cdba..2eb905ea 100644
--- a/web/forms.py
+++ b/web/forms.py
@@ -5,7 +5,7 @@ from flask_wtf import FlaskForm
 class LoginForm(FlaskForm):
 login = wtforms.StringField(
- gettext("Username"),
+ gettext("Login"),
 validators=[wtforms.validators.DataRequired()],
 render_kw={"placeholder": "mdupont"},
 )
diff --git a/web/models.py b/web/models.py
index 9fe6d73b..bb164d79 100644
--- a/web/models.py
+++ b/web/models.py
@@ -12,7 +12,7 @@ from .ldaputils import LDAPObjectHelper
 class User(LDAPObjectHelper):
- objectClass = ["person"]
+ objectClass = ["person", "simpleSecurityObject", "uidObject"]
 base = "ou=users"
 id = "cn"
 admin = False
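Review bot: The `user` fixture in tests/conftest.py now stores an opaque pre-computed `{SSHA}` value, and the plaintext it stands for no longer appears anywhere in the fixture. The removed `passwd_s` call set "correct horse battery staple"; whether the new hash encodes the same password cannot be told from the diff, which makes the login tests that depend on it hard to audit. A comment above the assignment would settle it, e.g. `# SSHA hash of the password the login tests submit: <test password>`, with the placeholder replaced by the real value. The fixture also no longer goes through the server-side password-modify operation, which is fine for a test but worth saying in the same comment.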
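Review bot: Adding `simpleSecurityObject` and `uidObject` to `User.objectClass` in web/models.py makes `userPassword` and `uid` mandatory under the standard definitions of those classes, and the hunk does not document that. A caller that still builds a `User` from only `cn` and `sn` would presumably get an object-class violation from the server on save, and entries created before this change carry only `person`. `id = "cn"` is unchanged, so the DN is still derived from `cn` while logins can now resolve through `uid`, and nothing visible here keeps `uid` unique across users. I would add a comment on the attribute, `# uidObject requires uid; simpleSecurityObject requires userPassword`. The class body continues outside the hunk.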